I have contracted a Virus that shows many Ads

Your JRT log

Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.0 (11.12.2015)
Operating System: Windows 10 Home x86
Ran by User (Administrator) on Mon 11/16/2015 at 17:06:39.26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 3
Successfully deleted: C:\Users\User\AppData\Local\installer (Folder)
Successfully deleted: C:\Users\User\Appdata\LocalLow\company (Folder)
Successfully repaired: C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk (Shortcut)
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 11/16/2015 at 17:08:27.95
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

That's good.
Now please upload your MBAM scan log. Thanks.

EDIT: I will be unavailable for about an hour now, but that should be okay because ESET will take quite a while to run.

Writer said:

When I go to Defender Desktop app, I get the following message. This doesn't seem right. Shouldn't Defender be on normally? How do I go about turning Defender on?



Also: What were you able to conclude from the several LogFiles that you reviewed?

As I suspected, your Windows Defender was disabled by the malware. The bulk of it is gone, but you are not clean yet.

Please post the Malwarebytes scan log so I can identify what infected you.

What scan are you on now please?

Writer said:

I just completed another Malwarebytes AM Scan. Here is the LogFile:

Malwarebytes AM 11-16-2015 6.30 pm.docx

Was the Scan Log from the Malwarebytes AM Scan I did around noon today stored somewhere?

Here is where you find the MBAM log files from the scans you have run:




There is a setting in MBAM you need to change so it detects Rootkits:




So, sorry, but it really needs to be run again with the Rootkit selected, and make sure the PUPs and PUMs are "treated as malware" as well.

To answer your earlier question - MBAM does not need to be turned off when running ESET; only your active AV (which in your case, Defender, is already disabled due to the infections).

And is the ESET scan running now? You should only run one scan at a time, so if ESET is running, let it finish before running MBAM again please.

Your current MBAM log

Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software

Scan Date: 11/16/2015
Scan Time: 6:30 PM
Logfile: Malwarebytes AM 11-16-2015 6.30 pm.txt
Administrator: Yes

Version: 2.2.0.1024
Malware Database: v2015.11.16.07
Rootkit Database: v2015.11.14.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 10
CPU: x86
File System: NTFS
User: User

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 355070
Time Elapsed: 25 min, 56 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 1
PUP.Optional.CrossRider, HKU\S-1-5-21-4156195948-2828175874-2147720042-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{9563BC59-9556-4805-8CD4-886781779D8D}, Quarantined, [04b33c4282099a9cf540488f5da6619f],

Do you have Ghostery installed on one of your browsers? If so, when all is said and done, it may need to be reinstalled.

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)
(end)

Looking much better now, but I'd still like to see the log from the first run, thanks.

Writer said:

I was not able to access ESET from the posts that you made previously. The screen locks up so that I have to close the tab.

What browser are you trying to run it in please?
What all browsers do you have on the system?

Writer said:

I was not able to access ESET from the posts that you made previously. The screen locks up so that I have to close the tab.I'll run Malwarebytes AM now and select a root kit. This will likely take 25 minutes again.

Okay sounds good.

EDIT: I just read your other thread, and it appears that you have only Edge and Internet Explorer, is that correct? If so, then please download and install Firefox browser, and use that to run the ESET online scanner.

Writer said:

When I go to Malwarebytes AM "History," the list there includes three or four dates from the time I first got the viruses on 11-09-2015. There are only three options offered there: I can "Restore" "Delete" or "Delete All." The question is: how do I copy all of these files so that I can put them in a document and post them to you?

When you click on a log, it opens, and in the bottom-left there is an "Export" button. You can select "copy to clipboard" and then paste the text right in here in your next message. (You don't even have to make a doc file out of it.)

Make sure you select APPLICATION LOGS on the left and not QUARANTINE.